﻿<?php


class office{
	
	
	
	function __construct(){
		
		$this->tpl = new Smarty();
		$this->tpl->template_dir = ROOT.'template';
		$this->tpl->compile_dir = ROOT.'template_c';
		$this->tpl->cache_dir = ROOT.'cache';
		$this->tpl->config_dir = ROOT.'config';
		$this->tpl->assign('stat', helper::stat());

	}
	
	function __destruct(){
	
	}
	
	function index(){
		
		if(isset($_SESSION['aLogin'])){
			
			if(isset($_GET['do'])){
				$do = $_GET['do'];
				
				if(method_exists($this,$do)){
					$this->$do();
				}
			} else $this->main();
			
			
			
		} else {
			
			if(isset($_GET['do']) && $_GET['do']=='register'){
			
				$this->register();
				
			} else $this->login();
			
			
		}
	}

	function login(){
		if (isset($_POST['aLogin'],$_POST['aPassw'])) {
			try{
				if($_POST["aLogin"]=='') throw new Exception("log");
				if($_POST["aPassw"]=='') throw new Exception("pas");
				//if(trim(@$_SESSION['captcha_keystring']!==$_POST['captcha'])) throw new Exception("cap");
				if (empty($_SESSION['captcha']) || trim(strtolower($_REQUEST['captcha'])) != $_SESSION['captcha']) throw new Exception("cap");
				$login=helper::office_secure($_POST['aLogin']);
				$password=helper::office_secure($_POST['aPassw']);
				list($MSSQL_login,$MSSQL_pass) = db_mssql_fetchrow(db_mssql_query("SELECT Id,Password FROM rf_user.dbo.".ACC." WHERE Id = '".$login."'"));
				if(trim($MSSQL_pass)==trim($password)) {
					$_SESSION['aLogin']=$login;
					$this->tpl->assign('ipc',$_SERVER['REMOTE_ADDR']);
					$this->tpl->display('main.tpl');
				} else {
					$this->tpl->assign('val', 'war');
					$this->tpl->assign('vali', 'lopa');
					$this->tpl->display('login.tpl');
					if(isset($_SESSION['attept'])) $_SESSION['attept']=$_SESSION['attept']+1;else $_SESSION['attept']=1;
				}
			} catch(Exception $e){
					$this->tpl->assign('val', 'war');
					$this->tpl->assign('class', 'error');
					$this->tpl->assign('vali', $e->getMessage());
					$this->tpl->display('login.tpl');
			}
		} else {
			if (!isset($_SESSION['aLogin'])) {
				$this->tpl->assign('val', 'ver');
				$this->tpl->display('login.tpl');
			} else {
				$this->tpl->display('main.tpl');
			}
		}	
	
	}
// как сказал злой дядька дальше идёт полный треш....
	function register() {
		if (isset($_POST['rLogin'],$_POST['rPassw'],$_POST['rEmail'],$_POST['captcha'])) {
			try{
				if(trim($_POST["rLogin"]=='')) throw new Exception("log");
				if(trim($_POST["rPassw"]=='')) throw new Exception("pas");
				if(trim($_POST["rEmail"]=='')) throw new Exception("ema");
				if(trim($_POST['rLogin']=='' or strlen($_POST['rLogin'])>=16 or strlen($_POST['rLogin'])<=3)) throw new Exception("logb");
				if(trim($_POST['rLogin']!==helper::analyze($_POST['rLogin']))) throw new Exception("logs");
				if (empty($_SESSION['captcha']) || trim(strtolower($_REQUEST['captcha'])) != $_SESSION['captcha']) throw new Exception("cap");
				if(trim(strlen($_POST['rPassw'])>10)) throw new Exception("pasd");
				if(trim(strlen($_POST['rPassw'])<3)) throw new Exception("pask");
				if(trim(helper::checkemail($_POST['rEmail']))) throw new Exception("ema");
				if(strpos($_POST['rEmail'],'--')<>0 || strpos($_POST['rLogin'],'--')<>0) die('hacking attept!!');
				if(strlen($_POST['rEmail'])>35 || strlen($_POST['rLogin'])>20) throw new Exception("emad");
				list($Id) = db_mssql_fetchrow(db_mssql_query("SELECT Id FROM rf_user.dbo.".ACC." WHERE Id = '".helper::office_secure($_POST['rLogin'])."'"));
				if(trim($Id)!=='') throw new Exception("loge");
				list($Id) = db_mssql_fetchrow(db_mssql_query("SELECT Id FROM rf_user.dbo.".ACC." WHERE Email = '".helper::office_secure($_POST['rEmail'])."'"));
				if(trim($Id)!=='') throw new Exception("emae");
				$login=helper::office_secure($_POST['rLogin']);$password=helper::office_secure($_POST['rPassw']);$mail=helper::office_secure($_POST['rEmail']);
				$_SESSION['reg']='OK';
				if(ACC=="tbl_rfaccount") {
					db_mssql_query("INSERT INTO rf_user.dbo.".ACC." (id,password,accounttype,birthdate,Email)
					VALUES ((CONVERT (binary,'".$login."')), (CONVERT (binary,'".$password."')),0,0,'".addslashes($mail)."')");
				} else {
					db_mssql_query("INSERT INTO rf_user.dbo.".ACC." (id,password,BCodeTU,Email)
					VALUES ((CONVERT (binary,'".$login."')), (CONVERT (binary,'".$password."')),1,'".addslashes($mail)."')");
				}
				$this->tpl->assign('login', $login);
				$this->tpl->assign('val', 'suc');
				$this->tpl->display('register.tpl');
			} catch(Exception $e){
					$this->tpl->assign('val', 'war');
					$this->tpl->assign('class', 'error');
					$this->tpl->assign('vali', $e->getMessage());
					$this->tpl->display('register.tpl');
			}
		} else {
			$this->tpl->assign('val', 'reg');
			$this->tpl->display('register.tpl');
		}
	}
	
	function logout() {
		session_destroy();
		$this->tpl->assign('val', 'ext');
		$this->tpl->display('login.tpl');
	}
	
	function main() {
		$this->tpl->display('main.tpl');
	}
	
	function stats() {
		$this->tpl->assign('nam', 'Статистика');
		$this->tpl->display('stats.tpl');
	}
	
	function hour()	{
		$this->tpl->assign('stats', helper::usernum());
		$this->tpl->assign('namu', '?do=stats');
		$this->tpl->assign('nam1', 'Статистика');
		$this->tpl->assign('nam', 'Онлайн по часам');
		$this->tpl->display('stats.tpl');
	}
	
	function now() {
		$this->tpl->assign('stats', helper::race_online());
		$this->tpl->assign('namu', '?do=stats');
		$this->tpl->assign('nam1', 'Статистика');
		$this->tpl->assign('nam', 'Текущий онлайн');
		$this->tpl->display('stats.tpl');
	}
	
	function top100() {
		$this->tpl->assign('tbl', 'table');
		$this->tpl->assign('stats', helper::top100());
		$this->tpl->assign('namu', '?do=stats');
		$this->tpl->assign('nam1', 'Статистика');
		$this->tpl->assign('nam', 'Топ 100');
		$this->tpl->display('stats.tpl');
	}
	
	function guild() {
		$this->tpl->assign('tbl', 'table');
		$this->tpl->assign('stats', helper::guild());
		$this->tpl->assign('namu', '?do=stats');
		$this->tpl->assign('nam1', 'Статистика');
		$this->tpl->assign('nam', 'Гильдии');
		$this->tpl->display('stats.tpl');	
	}
	
	function liders() {
		$this->tpl->assign('tbl', 'table');
		$this->tpl->assign('stats', helper::liders());
		$this->tpl->assign('namu', '?do=stats');
		$this->tpl->assign('nam1', 'Статистика');
		$this->tpl->assign('nam', 'Лидеры рас');
		$this->tpl->display('stats.tpl');	
	}
	
	function banlist() {
		$this->tpl->assign('tbl', 'table');
		$this->tpl->assign('stats', helper::banlist());
		$this->tpl->assign('namu', '?do=stats');
		$this->tpl->assign('nam1', 'Статистика');
		$this->tpl->assign('nam', 'Забаненые');
		$this->tpl->display('stats.tpl');
	}
	
	function profile() {
		$this->tpl->assign('nam', 'Профиль');
		$this->tpl->display('profile.tpl');
	}
	
	function account_info() {
		$this->tpl->assign('tbl', 'table');
		$this->tpl->assign('stats', helper::show_account_info());
		$this->tpl->assign('namu', '?do=profile');
		$this->tpl->assign('nam1', 'Профиль');
		$this->tpl->assign('nam', 'Информация об аккаунте');
		$this->tpl->display('profile.tpl');
	}
}